move keystore gen logic to common function

This moves the method for generating a new keystore for the repo signing key to a common function so that it can be used in more subcommands beyond `fdroid init`. The immediate idea is to make `fdroid update --create-key` upgrade unsigned repos to signed ones so we can make fdroidclient only use signed repos.
2025-09-15 15:32:30 +03:00 · 2015-04-20 20:27:38 -04:00 · 2015-04-20 20:27:38 -04:00 · 276123856c
commit 276123856c
parent af360199f1
2 changed files with 52 additions and 48 deletions
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -32,6 +32,7 @@ import magic
 import logging
 import hashlib
 import socket
+
 from distutils.version import LooseVersion
 from zipfile import ZipFile

@ -2024,25 +2025,47 @@ def genpassword():
    return h.digest().encode('base64').strip()


-def genkey(keystore, repo_keyalias, password, keydname):
-    '''generate a new keystore with a new key in it for signing repos'''
-    logging.info('Generating a new key in "' + keystore + '"...')
-    write_password_file("keystorepass", password)
-    write_password_file("keypass", password)
+def genkeystore(localconfig):
+    '''Generate a new key with random passwords and add it to new keystore'''
+    logging.info('Generating a new key in "' + localconfig['keystore'] + '"...')
+    keystoredir = os.path.dirname(localconfig['keystore'])
+    if keystoredir is None or keystoredir == '':
+        keystoredir = os.path.join(os.getcwd(), keystoredir)
+    if not os.path.exists(keystoredir):
+        os.makedirs(keystoredir, mode=0o700)
+
+    write_password_file("keystorepass", localconfig['keystorepass'])
+    write_password_file("keypass", localconfig['keypass'])
    p = FDroidPopen(['keytool', '-genkey',
-                     '-keystore', keystore, '-alias', repo_keyalias,
+                     '-keystore', localconfig['keystore'],
+                     '-alias', localconfig['repo_keyalias'],
                     '-keyalg', 'RSA', '-keysize', '4096',
                     '-sigalg', 'SHA256withRSA',
                     '-validity', '10000',
                     '-storepass:file', config['keystorepassfile'],
                     '-keypass:file', config['keypassfile'],
-                     '-dname', keydname])
+                     '-dname', localconfig['keydname']])
    # TODO keypass should be sent via stdin
-    os.chmod(keystore, 0o0600)
+    os.chmod(localconfig['keystore'], 0o0600)
    if p.returncode != 0:
        raise BuildException("Failed to generate key", p.output)
    # now show the lovely key that was just generated
    p = FDroidPopen(['keytool', '-list', '-v',
-                     '-keystore', keystore, '-alias', repo_keyalias,
+                     '-keystore', localconfig['keystore'],
+                     '-alias', localconfig['repo_keyalias'],
                     '-storepass:file', config['keystorepassfile']])
    logging.info(p.output.strip() + '\n\n')
+
+
+def write_to_config(thisconfig, key, value=None):
+    '''write a key/value to the local config.py'''
+    if value is None:
+        origkey = key + '_orig'
+        value = thisconfig[origkey] if origkey in thisconfig else thisconfig[key]
+    with open('config.py', 'r') as f:
+        data = f.read()
+    pattern = '\n[\s#]*' + key + '\s*=\s*"[^"]*"'
+    repl = '\n' + key + ' = "' + value + '"'
+    data = re.sub(pattern, repl, data)
+    with open('config.py', 'w') as f:
+        f.writelines(data)